Can someone explain to me how I might get VPN to work with my PIX on a second network card? Scenario is this:
1 SBS server running proxy on a 10.0.0.x network, obviously with DNS/WINS etc. working fine. All clients get internet access through it via the proxy using ADSL on a second network card (192.168.0.x) in the server.
If I add a PIX to the equation for VPN and firewall, it's set up and working fine; however, if I set up VPN I need to have settings for internal DNS server etc. However, if the PIX inside interface is on a different network to the main network (10.0.0.x as opposed to 192.168.0.x) I would have to set the VPN scope as 192.168.0.x to see the network card of the server, yes? But then I would run into problems like the DNS and WINS servers aren't running on the server's external NIC.
I can get it working fine if I plug the PIX straight into the switch because I can use a 10.0.0.x address range for the VPN, but because the PIX is on a second NIC I can't see how I can get it to use the 10.0.0.x address range without it falling over, because the 10.0.0.x address range can't communicate with the 192.168.0.x address range.
If the server will do all the work and will route between the two then fine. I'm pretty sure I have had this working at a site but can't for the life of me remember how. I haven't got anything to use for testing at the moment so I was hoping someone might be able to shed some light for me.
Second network card in the server set up for ISA on 192.168.0.2 and a router at 192.168.0.5 to route for email and internet access.
As I'm not 100% happy with ISA we will put in a PIX between the second network card and the router, obviously changing this scenario to have the PIX inside interface on 192.168.0.5 and the outside interface matching whatever the ADSL box is - probably a group of 5 legal IPs.
Now the IP address of the outside interface on the PIX will be the connection IP for the VPN. And within the config of the PIX I set up a VPN pool for use by the clients. However, because this pool should be on the 10.0.0.x network so it can communicate with WINS and DNS services on the 10.0.0.2 server, how can I get it to communicate past the 192.168.0.2 second network card on the server? If I put the VPN pool as 192.168.0.x instead then I don't get WINS or DNS as they aren't running on that NIC (for security reasons I assume).
Sorry if that's badly explained, I think I need a picture to explain it!